Agreement on the Processing of Personal Data
As part of the Services provided to the User, MAILNJOY processes personal data on the User’s behalf. This processing continues for the duration of the contractual relationship between MAILNJOY and the User.
The processing activities carried out by MAILNJOY on behalf of the User are described below:
- Storage of email address lists uploaded by the User
- Deleting email address lists uploaded by the User
- Handling of email addresses contained in the User's lists.
Furthermore, the User’s consent to such processing is deemed to have been given.
In this regard, MAILNJOY declares that it provides sufficient guarantees regarding the implementation of appropriate technical and organizational measures to ensure that processing complies with the requirements of the GDPR and safeguards the rights of the data subject, and undertakes to comply with the following obligations:
1. MAILNJOY’s Obligations
a) User Instructions
MAILNJOY undertakes to process personal data solely for the purpose of providing the Services in accordance with the User’s instructions. Accordingly, MAILNJOY shall not grant, lease, transfer, or otherwise disclose all or part of the personal data to any other person, even free of charge, nor shall it use the personal data for purposes other than those set forth in the General Terms of Use.
If MAILNJOY determines that an instruction provided by the User constitutes a violation of applicable law, MAILNJOY must immediately notify the User.
b) Confidentiality and Security
MAILNJOY guarantees the confidentiality of personal data processed in connection with the Services. To this end, it ensures that:
- to disclose personal data only to those who need to know
- that these individuals are familiar with the User’s instructions and agree to process the personal data entrusted to them only in strict compliance with those instructions
- that they are subject to an appropriate contractual or legal obligation of confidentiality
- that they receive the necessary training in personal data protection.
MAILNJOY is committed to implementing appropriate technical and organizational measures to ensure the confidentiality and security of personal data, and in particular, to prevent such data from being distorted, damaged, or disclosed to unauthorized third parties, and more generally, to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, as well as against any form of unlawful processing, provided that these measures must ensure, taking into account the state of the art and the costs associated with their implementation, a level of security appropriate to the risks posed by the processing and the nature of the data to be protected, and more generally, to guarantee a level of security for personal data that is commensurate with the risk.
(c) Notification of personal data breaches
In the event of a security breach that accidentally or unlawfully results in the destruction, loss, alteration, or unauthorized disclosure of personal data processed by MAILNJOY, or unauthorized access to such data, MAILNJOY undertakes to notify the User immediately, within 72 hours of detecting the incident.
In such circumstances, and in consultation with the User, MAILNJOY undertakes to implement the necessary data protection measures and to minimize any adverse impact on the individuals concerned.
MAILNJOY is committed to providing the User with all necessary information and reasonable assistance to enable the User to fulfill its notification obligations to data protection authorities.
d) User Support
MAILNJOY is committed, to the best of its ability, to assisting the User in fulfilling their obligations. Accordingly, MAILNJOY shall:
- respond promptly to any request from the User regarding the personal data being processed, in order to enable the User to address, within the prescribed time limits, any requests from data subjects (right of access, right to rectification, right to erasure, etc.), and more generally, to take into account the nature of the processing and assist the User through appropriate technical and organizational measures in fulfilling its obligation to respond to requests submitted by data subjects seeking to exercise their rights;
- forward to the User, upon receipt, requests from data subjects to exercise their rights.
e) Access to data / Deletion
At any time during the term of these Terms of Use, the User may access the personal data processed by MAILNJOY or delete it directly from the Site using the unsubscribe feature.
Upon termination of the contractual relationship, at the User’s discretion, MAILNJOY agrees to destroy all personal data, or to return it to the User or to another processor designated by the User, if technically feasible, within a maximum of 3 months. The return must be accompanied by the destruction of existing copies in MAILNJOY’s information systems, unless applicable law requires their retention. MAILNJOY undertakes to provide the User, upon request, with a certificate of such destruction.
2. Audit
MAILNJOY undertakes to provide the User with all the information and documents necessary to demonstrate compliance with the obligations set forth herein.
MAILNJOY authorizes the User or any other external auditor that is not a competitor of MAILNJOY and appointed by the User to inspect and audit its personal data processing activities, and agrees to comply with all reasonable requests made by the User to verify that MAILNJOY is fulfilling the contractual obligations imposed on it by this annex.
It is agreed that, subject to requests from regulators to that effect, such audits may take place no more than once (1) per contract year. In any case, the User must notify MAILNJOY at least thirty (30) days in advance, and the audit must under no circumstances disrupt MAILNJOY’s day-to-day operations. The audit shall be limited to the personal data processing activities carried out by MAILNJOY on behalf of the User, and the User shall not have access to data concerning MAILNJOY’s other clients.
MAILNJOY undertakes to provide all documentation necessary to demonstrate that the processing complies with the User’s instructions and that appropriate security measures have been implemented.
All audit costs will be borne by the applicant.
3. Subcontracting
The User is hereby informed and expressly agrees that, in connection with the Services, MAILNJOY may engage subcontractors who will have access to and process the personal data provided by the User on its behalf. The list of such subcontractors is as follows:
| Subcontractor | Service |
|---|---|
| AWS France | Accommodation |
| Orange Business Services | Accommodation |
| OVH France | Accommodation |
| Scaleway (formerly Online) | Accommodation |
| PayPal | Payment |
| Stripe | Payment |
| List of Mailnjoy Subcontractors |
MAILNJOY is committed to implementing all necessary safeguards to ensure that data transfers are conducted in compliance with applicable regulations.
In this context, the User expressly authorizes MAILNJOY to sign, in the User’s name and on the User’s behalf, standard contractual clauses governing the relationship between the data controller and the data processor with subsequent processors (see the European Commission’s standard clauses at the following address:
https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32010D0087&from;=EN
In the event of changes to its list of subcontractors, MAILNJOY will notify the User via email or through a notification in the user account, and the User will have the option to close their account if they object. It is specified that this notification will include all information regarding any transfers of personal data outside the European Union.
When MAILNJOY engages sub-processors to carry out specific processing activities on behalf of and in accordance with the User’s instructions, the same data protection obligations as those set forth in the Terms of Service are contractually imposed on the sub-processors, particularly with regard to providing sufficient guarantees regarding the implementation of appropriate technical and organizational measures.
It is MAILNJOY’s responsibility to ensure that sub-processors provide sufficient guarantees so that the processing complies with the requirements of the GDPR. If sub-processors fail to fulfill their data protection obligations, it is hereby reiterated that MAILNJOY remains fully liable to the User for the sub-processors’ performance of their obligations.
4. Transfers of personal data outside the EU for legal purposes
If MAILNJOY is required to make such transfers under applicable law, it undertakes to immediately inform the User of this legal obligation prior to processing, unless applicable law prohibits such notification for reasons of public interest.
Privacy Policy: Protection of Personal Data
As part of its business operations and for the purpose of providing the Services, MAILNJOY collects and processes the personal data of its users (hereinafter the “Users”).
This Privacy Policy, established by MAILNJOY, is intended to provide Users with a concise and comprehensive overview of how MAILNJOY processes personal data.
MAILNJOY places particular importance on respecting Users’ privacy and the confidentiality of their personal data, and is therefore committed to processing data in compliance with applicable laws and regulations, including Law No. 78-17 of January 6, 1978, on Information Technology, Data Files, and Civil Liberties (hereinafter the “Data Protection Act”), and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”).
Definitions
Personal data: Personal data means any information relating to an identified or identifiable natural person; that is, a person who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to that person.
Processing of personal data: any operation or set of operations performed on personal data, regardless of the means used, including collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, as well as blocking, erasure, or destruction.
Cookie: A cookie is a piece of information stored on a user’s hard drive by the server of the website they are visiting. It contains several pieces of data: an identifier in the form of a unique number, and possibly an expiration date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and write information.
Data Controller – DPO
The data controller for the personal data referred to herein is MAILNJOY, a simplified joint-stock company with a capital of 25,000 euros, registered with the Toulouse Trade and Companies Register under number 882433030, with its registered office located at 6b rue de la Gravette, 31830 PLAISANCE du TOUCH.
MAILNJOY has appointed a Data Protection Officer who can be contacted at the following email address: dpo@mailnjoy.com.
Data collected
MAILNJOY collects user data in order to provide users with the services they have subscribed to on the platform.
Whether the information provided is required or optional (in order to complete the User’s registration and provide them with MAILNJOY services) is indicated by an asterisk at the time of collection.
In addition, certain data is collected automatically as a result of the User’s actions on the site (see the section on cookies).
Objectives
The personal data collected by MAILNJOY in connection with the provision of services is necessary for the performance of contracts entered into with the User, or to enable MAILNJOY to pursue its legitimate interests while respecting the User’s rights. Certain data may also be processed based on the User’s consent.
The purposes for which MAILNJOY processes data are as follows:
- Commercial and accounting management of the contract;
- Management of marketing activation and promotion;
- Detection of malicious behavior (fraud, dishonest practices, etc.);
- Improving the user experience on the website;
- More generally, any purpose referred to in Article 2 of Resolution No. 2012-209 of June 21, 2012, establishing a simplified standard for the automated processing of personal data relating to the management of users and prospects.
Recipients of the data
The personal data collected is intended for MAILNJOY’s sales and accounting departments. It may be shared with MAILNJOY’s subsidiaries or with subcontractors that MAILNJOY may engage to provide its services.
In this context, personal data may be transferred to a country that is or is not a member of the European Union. MAILNJOY implements safeguards to ensure the protection and security of this data, in accordance with applicable regulations.
MAILNJOY does not sell or rent personal data to third parties for any commercial purpose.
Apart from these cases, personal data may only be disclosed to third parties in the following circumstances:
- With their permission;
- At the request of the competent legal authorities, pursuant to a court order, or in connection with legal proceedings.
Data retention period
To comply with its legal obligations or to obtain the information necessary to assert its rights, MAILNJOY may archive data in accordance with the terms set forth in the regulations.
Thus, personal data collected by MAILNJOY regarding the identity and contact information of its Users is retained for a maximum period of two years following the termination of the contractual relationship for customer Users, or from the date of collection by the data controller or the last contact initiated by the prospective User for data relating to the latter.
Termination of the contractual relationship refers to the User’s express termination of the contract or the User’s failure to use MAILNJOY’s services for a period of five years. This period is reduced to six months if the User has never made a purchase.
User Rights
In accordance with applicable regulations, the User has the right to access and correct personal data concerning him or her, which allows the User to have data corrected, supplemented, updated, or deleted if it is inaccurate, incomplete, ambiguous, or outdated, or if its collection, use, disclosure, or retention is prohibited.
The User also has the right to request that the processing of their personal data be restricted and to object to the processing of their personal data on legitimate grounds. The User may also provide instructions regarding the handling of their personal data in the event of their death.
Where applicable, the User may request the portability of their data, or, where the legal basis for processing is consent, withdraw their consent at any time.
Users may exercise their rights by sending an email to privacy@mailnjoy.com or by mail to:
MAILNJOY – Privacy Policy
6B Rue de la Gravette,
31830 Plaisance-du-Touch
Users can also update their personal information at any time by logging in to www.mailnjoy.com and clicking on “My Profile,” or by contacting customer service at support@mailnjoy.com
Users can unsubscribe from the MAILNJOY newsletter or marketing emails by clicking the unsubscribe links included in each of these emails.
In the event of a dispute, the User may file a complaint with the CNIL, whose contact information is available at www.cnil.fr.
The User may access detailed information regarding the use of their personal data, including the purposes of the processing, the legal bases allowing MAILNJOY to process the data, the retention periods, the recipients, and, where applicable, transfers of such data to a country outside the European Union, as well as the safeguards in place. To do so, the User may submit a request by email to dpo@mailnjoy.com.
Cookies
The MAILNJOY website uses cookies to facilitate navigation on the site and to provide the services offered by MAILNJOY.
Types of cookies used
Cookies necessary for browsing the site
These cookies are necessary for the www.mailnjoy.com website to function. They enable the use of the site’s main features.
Without these cookies, users cannot use the site normally.
Functional cookies
These cookies help personalize the user experience.
MAILNJOY
does not use analytical cookies.
MAILNJOY does not use this
type of cookie for its share buttons.
Cookie Management
Users can choose to accept or reject cookies on the website, or block them permanently by adjusting their browser settings.
If the User chooses to block all cookies, access to certain pages of the site will be limited or even impossible.
Depending on the browser used by Users, cookies can be deleted as follows:
In Internet Explorer
- Click the Tools button, then click Internet Options.
- On the General tab, under Browsing History, click Settings.
- Click the "View Files" button.
- Select the cookies you want to block and click "Delete."
In Firefox
- Click the browser's Tools icon, then select the Options menu
- In the window that appears, select "Privacy and Security" and click "Cookies and Site Data"
- Select the cookies you want to block and click "Delete."
On Safari
- Click the Edit icon, then select the Preferences menu.
- Click on "Security," then click on "View cookies."
- Select the cookies you want to block and click "Delete."
In Google Chrome
- Click the Tools icon, select the Options menu, and then click Settings
- Go to Advanced Settings, then navigate to the "Site Settings" section and select "Cookies and Site Data."
- Click the "All cookies and site data" button.
- Select the cookies you want to block, then click "Delete."
- Cookie Lifespan
Cookies are stored on the User’s device for a maximum of 13 months from the date the User provides consent.
After this period, consent will be obtained again.
Security
MAILNJOY has taken all necessary precautions to ensure the security of personal data and, in particular, to prevent it from being altered or damaged or accessed by unauthorized third parties.
These measures include the following:
- Multi-level firewalls,
- A well-established antivirus program,
- Intrusion detection,
- Encrypted data transmission using SSL/HTTPS/VPN technology
- ISO 27001-certified data centers
In addition, access to MAILNJOY Services requires users to authenticate themselves using an individual access code and password.
Any questions regarding the security of the MAILNJOY website can be directed to support@mailnjoy.com.
Changes to the Privacy Policy
MAILNJOY reserves the right to update this Privacy Policy to comply with changes in applicable laws and regulations.
Any changes will be announced on our website or via email, whenever possible, at least thirty days before they take effect.
Contact
Any questions regarding MAILNJOY’s Privacy Policy may be sent by email to dpo@mailnjoy.com or by mail to:
MAILNJOY – Privacy Policy
6B Rue de la Gravette,
31830 Plaisance-du-Touch